Description

Lead security programs and incident response at Roblox, ensuring regulatory compliance (NIS2, GDPR) and building operational systems that improve detection, response, and governance during high-pressure incidents.

Requirements

• 8+ years leading complex technical programs in security, incident response, or regulatory domains
• Deep familiarity with incident response lifecycle and security event classification
• Experience with breach notification requirements (NIS2, GDPR, or similar)
• Ability to translate regulatory language into technical execution plans
• Experience partnering with Legal and Privacy during real incidents

Responsibilities

• Own and operationalize large-scale security programs, including GDPR and NIS2 regulatory readiness and incident response governance
• Translate complex regulatory requirements into executable workflows, tooling, and measurable controls
• Operate calmly during live incidents, ensuring classification, escalation, and regulatory decisions are aligned
• Build durable systems that improve response speed, audit readiness, and executive visibility
• Facilitate high-stakes cross-functional conversations on risk ownership and tradeoffs